CVE-2005-0045
Gravedad CVSS v2.0:
ALTA
Tipo:
No Disponible / Otro tipo
Fecha de publicación:
02/05/2005
Última modificación:
03/04/2025
Descripción
*** Pendiente de traducción *** The Server Message Block (SMB) implementation for Windows NT 4.0, 2000, XP, and Server 2003 does not properly validate certain SMB packets, which allows remote attackers to execute arbitrary code via Transaction responses containing (1) Trans or (2) Trans2 commands, aka the "Server Message Block Vulnerability," and as demonstrated using Trans2 FIND_FIRST2 responses with large file name length fields.
Impacto
Puntuación base 2.0
7.50
Gravedad 2.0
ALTA
Productos y versiones vulnerables
| CPE | Desde | Hasta |
|---|---|---|
| cpe:2.3:o:microsoft:windows_2000:*:*:*:*:*:*:*:* | ||
| cpe:2.3:o:microsoft:windows_2000:*:sp1:*:*:*:*:*:* | ||
| cpe:2.3:o:microsoft:windows_2000:*:sp2:*:*:*:*:*:* | ||
| cpe:2.3:o:microsoft:windows_2000:*:sp3:*:*:*:*:*:* | ||
| cpe:2.3:o:microsoft:windows_2000:*:sp4:*:*:*:*:*:* | ||
| cpe:2.3:o:microsoft:windows_2003_server:enterprise:*:64-bit:*:*:*:*:* | ||
| cpe:2.3:o:microsoft:windows_2003_server:enterprise_64-bit:*:*:*:*:*:*:* | ||
| cpe:2.3:o:microsoft:windows_2003_server:r2:*:64-bit:*:*:*:*:* | ||
| cpe:2.3:o:microsoft:windows_2003_server:r2:*:datacenter_64-bit:*:*:*:*:* | ||
| cpe:2.3:o:microsoft:windows_2003_server:standard:*:64-bit:*:*:*:*:* | ||
| cpe:2.3:o:microsoft:windows_2003_server:web:*:*:*:*:*:*:* | ||
| cpe:2.3:o:microsoft:windows_nt:4.0:*:enterprise_server:*:*:*:*:* | ||
| cpe:2.3:o:microsoft:windows_nt:4.0:*:server:*:*:*:*:* | ||
| cpe:2.3:o:microsoft:windows_nt:4.0:*:terminal_server:*:*:*:*:* | ||
| cpe:2.3:o:microsoft:windows_nt:4.0:*:workstation:*:*:*:*:* |
Para consultar la lista completa de nombres de CPE con productos y versiones, ver esta página
Referencias a soluciones, herramientas e información
- http://marc.info/?l=bugtraq&m=110792638401852&w=2
- http://marc.info/?l=bugtraq&m=111040962600205&w=2
- http://marc.info/?l=ntbugtraq&m=110795643831169&w=2
- http://www.kb.cert.org/vuls/id/652537
- http://www.securityfocus.com/bid/12484
- http://www.us-cert.gov/cas/techalerts/TA05-039A.html
- https://docs.microsoft.com/en-us/security-updates/securitybulletins/2005/ms05-011
- https://exchange.xforce.ibmcloud.com/vulnerabilities/19089
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1606
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1847
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1889
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A4043
- http://marc.info/?l=bugtraq&m=110792638401852&w=2
- http://marc.info/?l=bugtraq&m=111040962600205&w=2
- http://marc.info/?l=ntbugtraq&m=110795643831169&w=2
- http://www.kb.cert.org/vuls/id/652537
- http://www.securityfocus.com/bid/12484
- http://www.us-cert.gov/cas/techalerts/TA05-039A.html
- https://docs.microsoft.com/en-us/security-updates/securitybulletins/2005/ms05-011
- https://exchange.xforce.ibmcloud.com/vulnerabilities/19089
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1606
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1847
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1889
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A4043